This Statement explains how personal data relating to you will be handled by the Flower Farmers of Ireland (“we” or “us“) and sets out how and why your personal data will be collected and processed by the Flower Farmers of Ireland and/or on its behalf by its third party service providers.
For the purpose of this Statement, the controller of your personal data is the Flower Farmers of Ireland.
APPLICATION OF THIS STATEMENT
This Statement applies to the way we collect and process your personal data. Personal data will be collected and processed by us when you or a company with which you are connected engage with us and/or avail of our services through www.flowerfarmersofireland.ie (our “Website“) or otherwise.
We will collect personal data when you:
- Become a member
- Participate in an event
- Buy something from us
- Request information from us
- When you visit our website or social media pages via tools such as cookies and online identifiers, including if you make comments on our message boards or discussion forums
- You work for us, provide services/ goods to us or we provide services to you
- Contact us or become involved with us in any other way than as stated above
THE PERSONAL DATA WE PROCESS
The information we may collect from the above interactions may include, but is not limited to the following:
- Your name, address, telephone number, mobile number, and email address, along with your preferences as to how we should contact you in the future
- Financial information which you give to us
- Information you enter onto our website, including information to take part in events or to volunteer with us (such as your date of birth and contact information)
- Information you share with us via social media for example your Instagram handle
- Details of your visit to our websites, including technical information such as the IP address you use to access the website, your device, browser type and version
- Any other details in which you give us
HOW AND WHY WE PROCESS YOUR PERSONAL DATA
We use personal data for several different processing activities which includes:
- To process your membership application
- Understanding how we can improve our services or information
- Providing you with the information or products you have requested
- Keeping a record of your relationship with us
- Keeping you up to date with our work and membership
- Inviting you to events, e.g. training opportunities
The following table details the legal bases (“Legal Basis“) according to which and the reasons why (“Purposes“) we collect, obtain and process your personal data.
Your personal data is processed on the basis of consent for the provision of our services.
You have the right to withdraw consent at any time. For more on this and other rights please see section below on your rights and how to exercise them.
We obtain, collect and process your personal data:
It is necessary to process your personal data to enter into and perform our contracts with you or your organisation for the provision of our services.
If you do not wish to provide us with your personal data for these purposes, we will not be able to enter into or perform our contract(s) with you or your organisation.
We obtain, collect and process your personal data:
We process certain of your personal data on the basis of our legitimate interests, such as in pursuit of our business or security interests.
Where we process your personal data in pursuit of our legitimate interests we determine if such processing is necessary and we carefully consider the impact of our processing activities on your fundamental rights and freedoms. We will not process your personal data where our legitimate interests are outweighed by the impact on your rights and freedoms (unless otherwise required or permitted by law).
You have the right to object to us processing your personal data on the basis of our legitimate interests. For more on this and other rights please see section below on your rights and how to exercise them.
We obtain, collect and process your personal data to:
COMPLIANCE WITH A LEGAL OBLIGATION
We process your personal data where it is necessary to comply with legal obligations to which we are subject.
Where necessary and/or applicable, we obtain, collect and process your personal data in order to comply with our legal and regulatory obligations, including under anti-money laundering and terrorist financing legislation.
DISCLOSURE OF PERSONAL DATA
We may disclose your personal information to other third parties including:
- Our trusted third-party service providers such as web developers, bank of choice and IT support;
- Other people in your company or organisation;
- Third parties involved in hosting or organising events or courses;
- Third parties under necessary circumstances in line with legal obligations;
- Professional advisors such as tax or legal advisors, consultants and accountants.
TRANSFERS OF YOUR PERSONAL DATA
We store and process your personal data on servers located within the European Economic Area (the “EEA“). We only transfer your personal data outside the EEA where the European Commission has decided that the third country in question ensures an adequate level of protection in line with EEA data protection standards or there are appropriate safeguards in place to protect your personal data. We currently transfer data to the US under the Privacy Shield Framework, for example is using service such as Facebook.
If you would like to find out more about the appropriate safeguards that we have in place to govern the transfer of your personal data, you can contact us at firstname.lastname@example.org.
Although we will always do our best to protect your personal data, we cannot guarantee the security of any information you transmit to us. Any transmission is at your own risk. Once we have received your information, we use strictly maintained physical, electronic and procedural safeguards to prevent unauthorised access.
RETENTION OF YOUR PERSONAL DATA
Generally, we shall retain your personal data for a period of seven years after the later of: (i) the conclusion of your relationship with us; or (ii) the conclusion of the relationship between the Flower Farmers of Ireland and the company with which you are connected.
YOUR RIGHTS AND HOW TO EXERCISE THEM
Where we rely on consent to process your information, you have the right to withdraw that consent at any time by contacting us (see contact section below). The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
The table below sets out the additional rights you have, to address any concerns or queries with us about our processing of your personal data. Please note that these rights are not absolute and are subject to certain exemptions under applicable data protection law.
|RIGHT TO BE INFORMED||
You have the right to know your personal data is being processed by us, how we use your personal data and your rights in relation to your personal data.
|RIGHT OF ACCESS||You have the right to ascertain what type of personal data the Flower Farmers of Ireland holds about you and to a copy of this personal data.|
|RIGHT TO RECTIFICATION||You have the right to have any inaccurate personal data which we hold about you updated or corrected.|
|RIGHT TO ERASURE||In certain circumstances you may request that we delete the personal data that we hold on you.|
|RIGHT TO RESTRICTION OF PROCESSING||You have the right to request that we stop using your personal data in certain circumstances including if you believe that the personal data we hold about you is inaccurate or that our use of your personal data is unlawful. If you validly exercise this right, we will store your personal data and will not carry out any other processing until the issue is resolved.|
|RIGHT TO OBJECT||Where we rely on our legitimate interests to process your personal data, you have a right to object to this use. We will desist from processing your personal information unless we can demonstrate an overriding legitimate interest in the continued processing.|
|RIGHT TO DATA PORTABILITY||You may request us to provide you with certain personal data which you have given us in a structured, commonly used and machine-readable format and you may request us to transmit your personal data directly to another controller where this is technically feasible.|
You can exercise any of these rights by submitting a request to us at email@example.com.
We may request that you provide proof of your identity for security reasons and to prevent the unauthorised disclosure or misuse of personal data. We will only charge you for requests to access your personal data where they are unreasonable, unfounded or excessive. If, after contacting us, you are still not satisfied with our response, you have the right to lodge a complaint with the Data Protection Commission. Please see www.dataprotection.ie for further information.
CHANGES TO THIS STATEMENT
We may occasionally update this Statement to reflect changes in our business or to comply with applicable law and regulations. If there are material changes to this Statement concerning how we use your personal data, we will notify you by prominently posting the statement our Website before they take effect.
If you have any concerns regarding the way your personal data are being used or processed by the Flower Farmers of Ireland, please contact us at firstname.lastname@example.org or using the information below: